nRF54L15 enabled L4 connection

Hello Team,

Our concerns are related to L4 security in BLE

1. We're using nRF54L15 chipset having nCS SDK 2.9, peripheral LBS example mentioned in this exercise (Exercise 1 - Nordic Developer Academy), we needed authentication to be enabled for BLE connection while we're exploring characteristics, so we enabled Level 4 with BT_GATT_PERM_WRITE_AUTHEN or BT_GATT_PERM_READ_AUTHEN, we are able to access the characteristics defined in L4 using android nRF Connect app (As it allows us to add key while bonding) but not able to access these characteristics using nRF Connect app iOS app as there's just connect option app, can you please help us with how do we able to access these characteristics once we enable L4 security.

2. Our another requirement is to enable L4 security, we're configuring BLE Mesh & BLE GATT (PB-GATT) both in our application, so as per above mentioned exercise, we were able to experiment L4 with the help of peripheral lbs sample, we need to experiment the sample having BLE mesh & L4 security being enabled in configurations so that when proceed with BLE connection we need to add passkey while pairing.

nCS SDK V2.9.0

Chipset - nRF54L15

Thank you,

Regards,

Hitesh

0 Einar Thorsrud 1 day ago

Hi Hitesh,

Can you elaborate on how you tested and how it did not work? The iOS Bluetooth APIs are quite limited, so there is no way for an iOS app (like nRF Connect for iOS) to initiate pairing/bonding explicitly. However, when attempting to access a characteristic and that is prevented due to permissions, the iOS Bleutooth stack will initiate pairing/bonding. Did that not happen when you tested?

Br,

Einar
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Hansraj Gavali 9 hours ago in reply to Einar Thorsrud

Hi Team,

As per Exercise 1 - Nordic Developer Academy, Hitesh has mentioned in his query that he has followed each step provided in the exercise. We tested the BLE connection with Android and iOS Device. Android bluetooth connection works perfectly as per the exercise using nrf Connect App but when the same thing is tried with iPhone nrf Connect App it gets connected but we are not able to see the pairing alert pop up.

Can you help us to find whether something thing is missed or we haven't considered in the code?

Thank you,

Regards,

Hansraj
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

0 Einar Thorsrud 9 hours ago in reply to Hansraj Gavali

Hi Hansraj,

The LBS sample does not requier security on the characteristics, and therefore, iOS will never initiate pairing/bonding for it (for the reasons outlined in my previous post). If you want to pair with the LBS sample using iOS, you need to modify the service. You can do that by modifying nrf/subsys/bluetooth/services/lbs.c as shown in this diff:

diff --git a/subsys/bluetooth/services/lbs.c b/subsys/bluetooth/services/lbs.c
index 2db564e8fa..fbd9724009 100644
--- a/subsys/bluetooth/services/lbs.c
+++ b/subsys/bluetooth/services/lbs.c
@@ -100,18 +100,18 @@ BT_GATT_PRIMARY_SERVICE(BT_UUID_LBS),
 #ifdef CONFIG_BT_LBS_POLL_BUTTON
        BT_GATT_CHARACTERISTIC(BT_UUID_LBS_BUTTON,
                               BT_GATT_CHRC_READ | BT_GATT_CHRC_NOTIFY,
-                              BT_GATT_PERM_READ, read_button, NULL,
+                              BT_GATT_PERM_READ_AUTHEN, read_button, NULL,
                               &button_state),
 #else
        BT_GATT_CHARACTERISTIC(BT_UUID_LBS_BUTTON,
                               BT_GATT_CHRC_READ | BT_GATT_CHRC_NOTIFY,
-                              BT_GATT_PERM_READ, NULL, NULL, NULL),
+                              BT_GATT_PERM_READ_AUTHEN, NULL, NULL, NULL),
 #endif
        BT_GATT_CCC(lbslc_ccc_cfg_changed,
-                   BT_GATT_PERM_READ | BT_GATT_PERM_WRITE),
+               BT_GATT_PERM_READ_AUTHEN | BT_GATT_PERM_WRITE_AUTHEN),
        BT_GATT_CHARACTERISTIC(BT_UUID_LBS_LED,
                               BT_GATT_CHRC_WRITE,
-                              BT_GATT_PERM_WRITE,
+                              BT_GATT_PERM_WRITE_AUTHEN,
                               NULL, write_led, NULL),
 );

With this, when you attemt to for instance read the button state, pairing will be initated (note that LESC will be used, and the pass key will be printed in the UART log).